Just in case you have automated anything that requires login to a Google service, be aware of this change...: Google announced today four new security features for securing Google accounts. These four updates are meant to bolster protections before and after users sign into accounts, but also in the case of recovering after a hack. According to Google's Jonathan Skelker, the first of these protections that Google has rolled out today comes into effect even before users st
It looks as though the ongoing debate about AI adoption has made it out of the technorati circle and in to potential business users. Good...: [...] When considering the impacts of AI, respondents cited cybersecurity as the top concern when it comes to executing AI projects. Some 32% of businesses professionals have experienced an AI-related breach within the last two years. In fear of more cybersecurity infiltrations, 30% of respondents have slowed initiatives, and one in fi
China is going all-in on facial recognition. In the UK, I have to scan my passport for the system to use facial recognition. China has gone full Minority Report, with all the privacy issue that implies...: Passengers checking into flights at Shanghai's Hongqiao International Airport can now use their face to prove their identity thanks to the rollout of facial recognition technology. The airport this week unveiled self-service kiosks for flight and baggage check-in, secur
I support a few sites that use old, but still supported, software that won't run on php 7.2 so I have some sympathy for those that haven't upgraded. Time to roll my sleeves up...: Support for PHP 5.6 drops on December 31 – but a recent report found that almost 62 percent of websites are still using version 5. Almost 62 percent of all websites are still running PHP version 5 – even as version 5.6 of the server-side scripting language inches toward an om...
I like the BeyondCorp model, though I'm not sure I'd trust Google with my IAM framework...: Google will offer its cloud identity tools--based on a security framework called BeyondCorp--as a standalone tool with one console and platform to manage users, devices, apps and access. The technology behind Cloud Identity was used within G Suite, but is now being broken out on their own, said Karthik Lakshminarayanan, Product Management Director at Google Cloud Platform. Beyon
Doubleplus ungood...: An academic study published last month shows that despite years worth of research into the woeful state of network traffic inspection equipment, vendors are still having issues in shipping appliances that don't irrevocably break TLS encryption for the end user. Encrypted traffic inspection devices (also known as middleware), either special hardware or sophisticated software, have been used in enterprise networks for more than two decades. System a
I'm in two minds about this (I'm a MacBook Pro user). I can see security advantages but also it drastically reduces my choices for repair/upgrades. On balance though, I'd prefer the security...: Apple has introduced software locks that will effectively prevent independent and third-party repair on 2018 MacBook Pro computers, according to internal Apple documents obtained by Motherboard. The new system will render the computer “inoperative” unless a proprietary Apple “system
It seems AI is as capable of subjective decision making as us weak humans...: [...] As Human Rights Commissioner, Santow wanted to show just how easy it is to have AI meant for good turn bad. "As the technology progresses, AI will be very useful in the real world; the applications are almost limitless ... while prediction is essential to almost every human activity, we humans are notoriously bad at it. If AI improves the accuracy of our forecasting, this could change ever
If you've embraced DevSecOps, this might be a useful addition to your security architecture...: How do you really know that an application has not been compromised? A newly patented technology is based on the premise that because you know precisely what every thread and API call are supposed to do, any divergence is a sign of trouble. Fault-tolerance has long used multiple identical instances of an application to insure that the application can continue to function even i...
Interesting approach to the tokenisation of sensitive data...: [...] How it works Databases often have sensitive fields like bank accounts or social security numbers. The norm is to encrypt these. ALTR Protect takes the sensitive data, tokenizes it or renders it illegible, and then splits it up into pieces and scatters it across separate nodes or servers. Sikora observed: “So if one person got access to one node, they would only have access to one fragment of informati...